[PATCH] fix ide-cs hang after device removal 2

[Anton Vorontsov]

Hi!

Andrew, can you please replace
fix-ide-cs-hang-after-device-removal.patch by attached one?

They are exactly same, but -2.patch do not touches SCSI's sd.c.
Todd Blumer found that SCSI do get_device() and must put it back,
thus my assumption that SCSI also affected was wrong.

Thanks,

-- Anton (irc: bd2)
From: Anton Vorontsov <cbou@xxxxxxx>

I've caught deadlock inside IDE layer using IDE-CS: after accessing to IDE
disk placed in PCMCIA (CF card really), it will never probe again after
pulling it from PCMCIA/CF.

The kernel is stuck at
drivers/ide/ide.c:ide_unregister():604:

        602                 spin_unlock_irq(&ide_lock);
        603                 device_unregister(&drive->gendev);
        604                 wait_for_completion(&drive->gendev_rel_comp);
        605                 spin_lock_irq(&ide_lock);

ide_unregister() assumes that device_unregister() will call
ide-probe.c:drive_release_dev():

        1282 static void drive_release_dev (struct device *dev)
        1283 {
        ....         [...]
        1302         complete(&drive->gendev_rel_comp);
        1303 }

        1311 static void init_gendisk (ide_hwif_t *hwif)
        1312 {
        ....
        1323                 drive->gendev.release = drive_release_dev;
        ....
        1333 }

But release() function will not called because drive->gendev is still
referenced inside genhd layer.


No need to get_device(driverfs_dev), because it's already gotten by
add_disk().  And no function will call put_device() second time.  This is
the source of deadlock[1] in IDE layer.

[1] deadlock in ide_unregister()

at wait_for_completion(&drive->gendev_rel_comp) after
device_unregister(&drive->gendev).  That happens by reason of
ide-probe.c:drive_release_dev() not called because of driverfs_dev (which
is drive->gendev) still referenced by add_disk().

Cc: Alan Cox <alan@xxxxxxxxxxxxxxxxxxx>
Cc: James Bottomley <James.Bottomley@xxxxxxxxxxxx>
Cc: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Cc: Greg KH <greg@xxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxx>
Signed-off-by: Anton Vorontsov <cbou@xxxxxxx>
---

 fs/partitions/check.c |    5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/fs/partitions/check.c b/fs/partitions/check.c
index 6fb4b61..8371adf 100644
--- a/fs/partitions/check.c
+++ b/fs/partitions/check.c
@@ -378,7 +378,7 @@ static char *make_block_name(struct gend
 
 static int disk_sysfs_symlinks(struct gendisk *disk)
 {
-	struct device *target = get_device(disk->driverfs_dev);
+	struct device *target = disk->driverfs_dev;
 	int err;
 	char *disk_name = NULL;
 
@@ -414,9 +414,8 @@ err_out_dev_link:
 		sysfs_remove_link(&disk->kobj, "device");
 err_out_disk_name:
 		kfree(disk_name);
-err_out:
-		put_device(target);
 	}
+err_out:
 	return err;
 }
 
_